Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/app
History
Wolftallemo be556ef17b
FIX: Skip CSRF token check on webhook routes (#16982) 
The `WebhookController` inherits directly from `ActionController::Base`. Since Rails 5.2, forgery protection has been enabled by default. When we applied those new defaults in 0403a8633b, it took effect on this controller and broke integrations.

This commit explicitly disables CSRF protection on these webhook routes, and updates the specs so they'll catch this kind of regression in future.
 		2022-06-13 15:36:45 +01:00
..
assets DEV: Explicitly allow NavItem customization (#17061) 2022-06-13 12:46:04 +02:00
controllers FIX: Skip CSRF token check on webhook routes (#16982) 2022-06-13 15:36:45 +01:00
helpers FIX: Do not use SVGs for twitter:image metadata (#16973) 2022-06-03 09:02:57 +10:00
jobs FEATURE: Create upload_references table (#16146) 2022-06-09 09:24:30 +10:00
mailers FIX: respect user timezone in emails about silencing and suspending (#16918) 2022-05-27 13:58:54 +04:00
models FEATURE: Add new/unread counts to tags section links exp sidebar (#17057) 2022-06-13 14:54:01 +08:00
serializers FEATURE: Add new/unread counts to tags section links exp sidebar (#17057) 2022-06-13 14:54:01 +08:00
services FIX: Send quote notifications to correct users when prioritizing full names (#17030) 2022-06-09 11:52:28 -05:00
views FEATURE: Promote polymorphic bookmarks to default and migrate (#16729) 2022-05-23 10:07:15 +10:00